Docker making image

Posted by TomNomNom on Tue, 14 Jan 2020 04:12:17 +0100

Structure of this chapter

  • Layer of Docker image
  • Basic creation method of Dockerfile
  • Dockerfile creating various application containers

Layer of Docker image

Each instruction in the Dockerfile creates a new image layer

The image layer will be cached and reused

When the Dockerfile instruction is modified, the copied file changes, or the specified variables are different when building the image, the corresponding image cache will be invalid

When a layer's mirror cache fails, its mirror cache will fail

The image layer is immutable. If you add a file in one layer and then delete it in the next layer, the image still contains the file

Creating Docker image

Docker mirror image

  • Is the standard format for application Publishing
  • Can support the operation of a Docker container

    How to create Docker image

  • Create based on existing image
  • Create based on local template
  • Create based on Dockerfile

    Create based on existing image

    Package the programs and running environment in the container to generate a new image

docker create -it centos /bin/bash
docker commit -m "new" -a "daoke" a19597abf62d daoke:centos
  • -m: Description information
  • -a: Author information
  • -p: Stop container from running during build

    Create based on local template

    Generate a new image by importing the operating system template file

    Import as local image using wget command

cat nginx-1.12.0.tar.gz | docker import - docker: new
After importing successfully, you can view the local image information
docker images | grep new

Create based on Dockerfile

Dockerfile is a file composed of a set of instructions

Four results of Dockerfile

  • Basic impact information
  • Maintainer information
  • Mirror operation instruction
  • Execute command when container starts

    Create image using Dockerfile and run it in container

    instructions Meaning
    FROM mirror image Specifies the image on which the new image is based. The first instruction must be the FROM instruction. Every image created requires the FFROM instruction.
    MAINTAINER name Explain the maintainer information of the new image
    RUN command Executes commands on the mirror on which they are based and commits them to a new mirror
    CMD ["program to run", "parameter 1," parameter 2 "] The command or script to run when the command starts the container. The Dockerfile can only have one CMD command. If multiple commands are specified, only the last f can be executed
    Exit port number Specify the port to open when the new image is loaded into Docker
    ENV environment variable value Setting the value of an environment variable will be used by the following RUN
    ADD source file / directory target file / directory Copy the source file to the target file. The source file should be in the same directory as the Dockerfile, or the f URL
    COPY source file / directory target file / directory Copy the files / directories on the local host to the destination, and the source files / directories should be in the same directory as DGckerfile
    VOLUME [directory] Create a mount point in the container
    USER user name / UID Specify the user when the container runs
    WORKDIR path Specify working directory for subsequent RUN, CMD, ENTRYPOINT
    ONBUILD command Specifies the command to run when the generated image is used as a base image
    HEALTHCHECK Health examination

Dockerfile creating various application containers

Dockerfile creating apache image container

mkdir apache
cd apache/
vim Dockerfile
#Base image based on
FROM centos
#Maintain the user information of the image
MAINTAINER The project <cloude-docker>
#Install apache Software with mirror operation instruction
RUN yum -y update //Update yum warehouse
RUN yum -y install httpd
#Open port 80
#Copy home page file
ADD index.html /var/www/html/index.html
#Copy execution script to image
RUN chmod 755 /
#Execute script when starting container
CMD ["/"]

[root@localhost opt]# vim
rm -rf /run/httpd/*
exec /usr/sbin/apachectl -D FOREGROUND

echo "this is web" index.html
//Generating mirrors
docker build -t httpd:centos .
//New image run container
docker run -d -p 1216:80 httpd:centos

Dockerfile creating ssh image container

mkdir sshd
cd sshd/
vim Dockerfile
#Base image based on
FROM centos
#Maintain the user information of the image
MAINTAINER this is project  <lzp-sshd>
#Reload yum source
RUN yum -y update
#Install necessary packages
RUN yum -y install openssh* net-tools lsof telnet passwd
#Set password for root
RUN echo '123456' | passwd --stdin root
#Modify profile
RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
#Generate secret key
RUN ssh-keygen -t rsa -f /etc/ssh/sshd_host_rsa_key
RUN sed -i '/^scssion\s\+required\s\^/#/' /etc/pam.d/sshd
RUN mkdir -P /root/.ssh && chown root.root /root && chmod 700 /root/.ssh
#Open 20 ports
#Starting container
CMD ["/usr/sbin/sshd","-D"]

//Generating mirrors
docker build -t sshd:new .
//Start the container and change the root password
docker run -d -P sshd:new
ssh localhost -p 32770

Dockerfile creates systemctl image container based on sshd image container

mkdir systemctl 
cd systemctl 
vim Dockerfile
#Base image based on
FROM sshd:new
ENV container docker
RUN (cd /lib/systemd/system/; for i in *; do [ $i == \
systemd-tmpfile-setup.service ] || rm -f $i; done); \
rm -f /lib/systemd/system/*; \
rm -f /etc/systemd/system/*.wants/*; \
rm -f /lib/systemd/system/*; \
rm -f /lib/systemd/system/*udev*; \
rm -f /lib/systemd/system/*initctl*; \
rm -f /lib/systemd/system/*; \
rm -f /lib/systemd/system/*;
VOLUME [ "/sys/fs/cgroup" ]
CMD ["/usr/sbin/init"]

//Generating mirrors
docker build -t local/c7-systemd:latest .

//Root in the privileged container has real root privileges. No responsibility, the root in the container is only a common external user right
docker run --privileged -ti -v /sys/fs/cgroup:sys/fs/cgroup:ro local/c7-systemd:latest /sbin/init
//Container entry 
docker exec -it    image IP   bash

Topics: Linux Docker ssh CentOS yum